FROMLIST: android: binder: Fix null ptr dereference in debug msgASB-2017-12-05_4.9-o-release

(from https://patchwork.kernel.org/patch/9990323/) Don't access next->data in kernel debug message when the next buffer is null. Bug: 36007193 Change-Id: Ib8240d7e9a7087a2256e88c0ae84b9df0f2d0224 Acked-by: Arve Hjønnevåg <arve@android.com> Signed-off-by: Sherry Yang <sherryy@android.com>
author: Sherry Yang <sherryy@android.com> 2017-10-05 17:13:47 -0400
committer: Todd Kjos <tkjos@google.com> 2017-12-15 11:15:22 -0800
commit: c80cb1668c1ca29b5c4fe2d37d0e15f3d3f5daef (patch)
tree: 68ae19d946b37aac154368d5d034e30e2a9f1cba
parent: 8f66a7a8b20edca396204f0b4f6ccb9904a0e86c (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/drivers/android/binder_alloc.c b/drivers/android/binder_alloc.c
index fab52955fda1..0a541fee6784 100644
--- a/drivers/android/binder_alloc.c
+++ b/drivers/android/binder_alloc.c
@@ -520,7 +520,7 @@ static void binder_delete_free_buffer(struct binder_alloc *alloc,
 		binder_alloc_debug(BINDER_DEBUG_BUFFER_ALLOC,
 				   "%d: merge free, buffer %pK do not share page with %pK or %pK\n",
 				   alloc->pid, buffer->data,
-				   prev->data, next->data);
+				   prev->data, next ? next->data : NULL);
 		binder_update_page_range(alloc, 0, buffer_start_page(buffer),
 					 buffer_start_page(buffer) + PAGE_SIZE,
 					 NULL);
author	Sherry Yang <sherryy@android.com>	2017-10-05 17:13:47 -0400
committer	Todd Kjos <tkjos@google.com>	2017-12-15 11:15:22 -0800
commit	c80cb1668c1ca29b5c4fe2d37d0e15f3d3f5daef (patch)
tree	68ae19d946b37aac154368d5d034e30e2a9f1cba
parent	8f66a7a8b20edca396204f0b4f6ccb9904a0e86c (diff)